Fingerprint sensor with feature authentication

ABSTRACT

An apparatus and method for providing user access to a secured application. In one exemplary embodiment, a detector apparatus comprises a fingerprint sensor having a receiving portion that is configured to accept an authentication article. The fingerprint sensor detects one or more predetermined features of the authentication article and reads at least a portion of a fingerprint of a user. The authentication article may include a precious gem such as a diamond. The detector apparatus may further comprise a feature detection sensor in operative relation with the fingerprint sensor. The feature detection sensor detects the one or more of the predetermined features. The fingerprint sensor may be detachably coupled to a portable device having an interface for operably communicating with a computer system to determine an identity of the user. A method, comprising: reading the fingerprint of a user with a fingerprint sensor; detecting one or more features of an authentication article with the fingerprint sensor; analyzing at least a portion of the fingerprint to derive a first indication for verifying an identity of the user; analyzing at least one of the one or more features of the authentication article to derive a second indication for authenticating the fingerprint; and combining the first and second indications for selectively providing access to the secured application to the user.

TECHNICAL FIELD OF THE INVENTION

This invention is related to sensors, and more particularly to sensors providing user information including fingerprint information and authentication article feedback to an attached electronic system for verifying the fingerprint information.

BACKGROUND OF THE INVENTION

Modern society demands that people may be identified for many reasons. These include limiting access to bank accounts, limiting access to certain facilities such as a security area, a computer room, a police department, or a military facility, limiting which people are authorized to pick up a child from a day care center, limiting access to government welfare checks and health benefits, determining which prisoner to parole, and limiting access to adult activities such as electronic gambling. This has led to increasing use of identification cards, passwords, and PIN numbers to supplement, in those instances where automated identification is either necessary or desirable, those situations where human recognition is either unavailable or will not suffice. This obviously results in an increasing array and assortment of various cards, passwords, and PIN numbers that active participants in today's increasingly electronic society must carry with them (or ideally must memorize) to be able to access the functions and capabilities requiring such identification and verification.

Biometrics is the study of biological phenomena, and in the area of personal identification, some chosen characteristic of a person is used to identify or verify that person's identity. Biometric identification has gained interest in recent years because certain personal characteristics have been found to be substantially unique to each person and difficult to reproduce by an impostor. Further, the recording and analysis of biometric data is generally susceptible to automation owing to the increased use of computer-controlled electronics and digital recording techniques. Biometric systems are automated methods of verifying or recognizing the identity of a living person on the basis of some physiological characteristic like a fingerprint or iris pattern, or some aspect of behavior like handwriting or keystroke patterns.

The biometric identifying characteristic may be biologically determined as with a fingerprint, or it may be some characteristic that is learned or acquired, such as handwriting or voice patterns. Ideally, the characteristic should be unique for every person and unvarying over the time frame during which the person may be tested for identification. The characteristic should also be difficult to duplicate by an impostor in order to secure against erroneous identification.

Some of the biometric characteristics most investigated today for use in a personal identification system include fingerprints, hand or palm prints, retina scans, signatures and voice patterns. Hand or palm print techniques typically evaluate the shape of a person's hand or other significant features such as creases in the palm, but these techniques may be fooled by templates or models of the hand of an authorized person. Retina scanning techniques evaluate the pattern of blood vessels in a person's retina. A drawback of this technique is that the blood vessel pattern may vary over time, e.g., when alcohol is in the blood stream or during irregular use of glasses or contact lenses. Also, a user may feel uneasy about having his or her eye illuminated for retina scanning or the possibility of eye contamination if there is contact between the eye and the scanning apparatus. Signatures can be forged easily and must usually be evaluated by a human operator, although work has been done on automated systems that evaluate the dynamics of a person's handwriting, such as the speed and the force of hand movement, pauses in writing, etc. Using voice patterns as the identifying characteristic encounters difficulties owing to the wide variations in a person's voice over time, the presence of background noise during an evaluation and the potential for an impostor to fool the system with a recording of the voice of an authorized person.

The most commonly used biometric characteristic and the one that has been the most investigated and developed is, of course, the fingerprint. Up until now, the technology of personal identification through fingerprint analysis has been used mainly in law enforcement, and this long term experience with fingerprint analysis has developed a large amount of information about fingerprints and has confirmed the uniqueness of a person's fingerprints. Historically, in law enforcement, fingerprints have been recorded by inking the fingerprint and making a print on a card for storage.

A fingerprint identification system is described in an article entitled “Vital Signs of Identity” by Benjamin Miller (IEEE Spectrum, February 1994, pp. 22-30). The system for recognizing fingerprints requires the user to press a finger onto a glass or Plexiglas platen. Image sensors under the platen and a charge-coupled device (CCD) array capture the fingerprint image. A custom computer system and software analyses the digitized image and converts it to an approximately 1 K mathematical characterization which is compared against data stored in the local terminal or in networked versions of the system in a remote personal computer.

Rather than requiring a user to explicitly engage with verification devices, transparent verification attempts to identify the identity of a user not only unobtrusively, but during a transaction and using normal user interactions with the system. For example, a voice recognition system which also is able to identify a user by his voice pattern provides a capability of identifying a user as the user is speaking a request or command to the system, rather than as an explicit identification action or request by the user.

U.S. Pat. No. 5,229,764 to Matchett et al. describes a continuous biometric authentication matrix. This system activates and analyzes the biometric data from a plurality of biometrically-oriented personal identification devices at intermittent intervals and selectively allows or prevents continued use of a particular protected system or device by a particular individual. The system acts as a continuously functioning gate between a system to be protected and a prospective user. Many of the biometrically-oriented personal identification devices in the Matchett system attempt some degree of transparent verification and include thumbscan, digital photo, voice prints, fingerprints and others. One such device is a joystick device shown in FIG. 7 incorporating a thumbscan sensor on the top end of the joystick. In FIG. 8A a computer mouse is depicted carrying a hand geometry reader in a mouse casing. The hand geometry reader is wired through the mouse and its leads run back to the rest of the scanning unit along the same conduit PG as that of the mouse. FIG. 8B depicts a mouse having a thumbscan unit sensor incorporated into its side. The thumbscan sensor may be oriented relative to a mouse casing adapting it either for right-handed persons or left-handed persons or both. A mouse lead is modified or replaced to carry both the mouse data and the sensor data.

A pointing device such as a computer mouse, joystick, or trackball, includes two principal components: a positional indicator allows movement by a user to be communicated as user positional information to an attached system (e.g., a computer system) to allow, for example, a pointer to be moved around a window or a screen of a graphical user interface; and input switches or buttons so that a user can provide selection information to the system which corresponds to a particular location to which the positional indicator has been moved. Both kinds of information are communicated through a typically small cable to the system to which the pointing device is attached. Alternatively, infrared beams and RF interfaces have also been used to allow for wireless pointing devices, particularly a wireless mouse.

Notwithstanding these devices, there is a need for additional and improved verification devices and capabilities for electronic systems, particularly those verification devices that provide for transparent continuous verification during normal user interactions with the system.

All fingerprints are unique, which makes them ideal for personal identification. In addition, unlike passwords, PIN codes and/or smart cards, fingerprints are impossible to lose or forget, and they can never be stolen. Therefore, reading and comparing fingerprints is a reliable and widely used technique for personal identification or verification to provide a controlled access to a secured environment. In particular, a common approach to fingerprint-based user identification involves scanning one or more fingers for a fingerprint and storing the unique characteristics of the fingerprint image. The characteristics of a fingerprint may be compared to information for reference fingerprints already in a database to determine proper identification of a person, such as for verification purposes.

Prior art biometric sensors such as fingerprint sensors for reading fingerprints are known to those skilled in the art. As in most fingerprint sensors, when activated, it is desirable that the fingerprint may be properly read. For instance, a typical electronic fingerprint sensor is based upon illuminating the finger surface using visible light, infrared light, or ultrasonic radiation. The reflected energy is captured with some form of camera, for example, and the resulting image is framed, digitized and stored as a static digital image. Then, a fingerprint image and the fingerprint details may be used to determine a match with a database of reference fingerprints.

However, a fingerprint-based identification system having fingerprint sensor(s) may be fooled by an image of the fingerprint, thus compromising access to a secured environment. For example, presentation of a photograph or printed image of a fingerprint rather than a fingerprint from a user's finger may deceive optical sensing. Accordingly, a fingerprint sensor reading only a fingerprint may be unreliable in providing controlled access to a secured application, system, or device.

One solution includes the combination of a card bearing user information, along with sensing of the fingerprint from a user's finger to verify the identity of the card bearer. For example, fingerprint information may be encrypted onto a card so that a comparison of the information read from the card can be made to a fingerprint from a user's finger of the card bearer. Accordingly, the identity of the user and card bearer can be verified, such as for authorizing an access to a secured application. Such use of a fingerprint sensor may reduce fraud while providing access to a secured application.

A problem with this technology has been that such conventional systems are relatively complicated and require the use of a separate card reader, such as for reading a magnetic stripe carried by the card, as well as a separate fingerprint reader to obtain the fingerprint from the user's finger. Accordingly, such a dual sensor system is relatively expensive and may be complicated. Therefore, what is required is a solution that enables increased security without the expense of additional hardware.

Another problem with this technology has been that in fingerprint-based access control systems, authorization or access by an authorized person, other than the person with the matching fingerprint, can be difficult to implement using a conventional fingerprint sensor. Therefore, what is also required is a solution that provides for improved security.

One unsatisfactory approach, in an attempt to solve the above-discussed problems, typically involves using a large and bulky sensor integrated with a fingerprint sensor. However, a disadvantage of this approach is that a relatively large and/or bulky fingerprint sensor results, having cumbersome peripherals to carry around. Therefore, what is also needed is a solution that meets the above-discussed requirements in a more effective manner.

Heretofore, the requirements of providing more secure access to a controlled environment without compromising security and/or portability referred to above have not been fully met. What is needed is a solution that simultaneously addresses all of these requirements.

SUMMARY OF THE INVENTION

The present invention generally provides an apparatus and method for verifying a fingerprint with a fingerprint of an authentication article to authenticate the fingerprint. In one exemplary embodiment, a detector apparatus may include a fingerprint sensor having a receiving portion that is configured to accept an authentication article including a precious gem such as a diamond. The fingerprint sensor may detect one or more predetermined features of the authentication article, and read at least a portion of a fingerprint of a user. The detector apparatus may further comprise a feature detection sensor in operative relation with the fingerprint sensor. The feature detection sensor detects one or more of the predetermined features. The fingerprint sensor may be detachably coupled to operate with a portable device such as a smart card having an interface for operably communicating with a computer system, and a verification engine for operably communicating with the computer system for determining an identity of the user. The verification engine may include a database having a user storage, an authorization profile storage, and an audit log storage.

In another embodiment of the present invention, a pointing device may include an interface for operably communicating with a computer system. The pointing device may further include a base, a trackball mounted upon the base, an upper section, said upper section including at least one button formed substantially on a top surface of the upper section, and a fingerprint sensor having a receiving portion that is configured to accept an authentication article. The fingerprint sensor is mounted within the upper section for detecting one or more predetermined features of the authentication article and for reading at least a portion of a fingerprint of a user's finger in response to the finger positioned adjacent to the fingerprint sensor and the authentication article disposed in proximity to the receiving portion and readable by the fingerprint sensor.

The pointing device may further include a feature detection sensor in operative relation with the fingerprint sensor. The feature detection sensor detects one or more of the predetermined features, or any combination thereof of the authentication article. The pointing device may further include a verification engine in operative relation with the computer system, the fingerprint sensor, and the feature detection sensor for determining an identity of the user. The fingerprint sensor may provide a first signal to the verification engine, which is derived from the portion of the fingerprint. Likewise, the feature detection sensor may provide a second signal to the verification engine, which is derived from at least one of the one or more predetermined features of the authentication article.

The verification engine may comprise a database having a user storage, an authorization profile storage, and an audit log storage. The verification engine may further comprise a comparator engine for comparing the first signal indicative of the at least portion of the fingerprint with a first authentication signal corresponding to a stored copy of the fingerprint within the database. The comparator engine may compare the second signal indicative of the at least one of the one or more predetermined features of the authentication article with a second authentication signal corresponding to a stored copy of the one or more predetermined features of the authentication article within the database to provide an authorization signal for a secured application which is communicatively coupled to the computer system. The authorization signal may selectively provide an access to the secured application to the user.

In one embodiment, the fingerprint sensor is located beneath a particular one of the button positions. And the fingerprint sensor includes a capacitive imaging array located at the particular button position contactable by the user's finger so that the user's fingerprint may be imaged by the capacitive imaging array. Alternatively, the fingerprint sensor can be incorporated into an operable button located at the particular button position. The fingerprint sensor may include an optical imaging array and the particular button position includes a transparent material through which the user's fingerprint may be imaged by the imaging array. The pointing device may further comprise one or more additional biometric sensors in operative relation with the fingerprint sensor.

In another embodiment of the present invention, a detector apparatus includes a fingerprint sensor for reading a fingerprint of a user and a feature detection sensor having a housing that is configured to receive an authentication article to the user. The feature detection sensor detects one or more predetermined features of said authentication article and is in operative relation with the fingerprint sensor to identify the user responsive to the fingerprint and at least one of the one or more predetermined features from the authentication article.

In yet another embodiment of the present invention, a detector apparatus includes a fingerprint sensor disposed at a location such that when operating the apparatus in a normal manner, a user's finger of a user's hand rests in proximity to and readable by the fingerprint sensor for reading a user's fingerprint, and a feature detection sensor in operative relation with the fingerprint sensor and having a housing that is configured to receive an authentication article. The feature detection sensor is configured to detect one or more predetermined features of the authentication article. The detector apparatus identifies the user according to the fingerprint and at least one of the one or more predetermined features from the authentication article.

In still another embodiment of the present invention, a method for providing user access to a secured application, comprising: (a) reading the fingerprint of a user with a fingerprint sensor; (b) detecting one or more features of an authentication article with the fingerprint sensor; (c) analyzing at least a portion of the fingerprint to derive a first indication for verifying an identity of the user; (d) analyzing at least one of the one or more features of the authentication article to derive a second indication for authenticating the fingerprint; and (e) combining the first and second indications for selectively providing access to the secured application to the user.

In another embodiment of the present invention, a method comprising: (a) reading a fingerprint of a user; (b) detecting one or more features of a precious gem; (c) analyzing the fingerprint to derive a first indication; (d) analyzing the one or more features of the precious gem to derive a second indication; and (e) combining the first and second indications for verifying an identity of a user. The act of reading the fingerprint may include plugging in a fingerprint sensor having a first surface into a smart card and positioning a finger proximal to the first surface of said fingerprint sensor. The act of detecting one or more features may include positioning the precious gem into a slot located proximal to the first surface of the fingerprint sensor, and reading a featureprint of the precious gem to derive the one or more features of the precious gem. The act of combining the first and second indications may include deriving an authorization for the user by authenticating the fingerprint thereof with the featureprint of the precious gem to selectively provide an access to a secured application to the user.

The foregoing has outlined rather broadly the features and technical advantages of the present invention in order that the detailed description of the invention that follows may be better understood. Additional features and advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and scope of the invention as set forth in the appended claims.

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present invention and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:

FIG. 1A is a top view of one embodiment of a fingerprint sensor in accordance with one aspect of the invention.

FIG. 1B is a top view of one embodiment of a detachable fingerprint sensor according to another aspect of the invention.

FIG. 1C is a top view of one embodiment of a portable fingerprint sensor consistent with yet another aspect of the invention.

FIG. 2 is a block diagram of a system incorporating the fingerprint sensor shown in FIG. 1B in accordance with a further aspect of the invention.

FIG. 3 is a flow diagram of a process that can be implemented by a computer program, representing an exemplary embodiment of the invention.

FIG. 4A is a flow diagram with exemplary details for the fingerprint reading process depicted in FIG. 3.

FIG. 4B is a flow diagram with exemplary details for the feature detection process depicted in FIG. 3.

FIG. 4C is a flow diagram with exemplary details for the fingerprint and feature information analysis process depicted in FIG. 3.

FIG. 5 shows exemplary hardware/software components of a system incorporating the detachable fingerprint sensors of FIG. 1B in accordance with a still further aspect of the invention.

FIGS. 6, 7, and 8 are a top view, a side view, and a rear view, respectively, of one embodiment of a computer pointing device in accordance with the present invention.

FIG. 9 is a cross-sectional view of the embodiment shown in FIG. 6.

FIG. 10 is an electrical block diagram of an embodiment of electronic circuitry useful within the computer pointing device shown in FIG. 6.

FIG. 11 is an electronic schematic drawing of interface circuitry depicted in FIG. 10.

FIG. 12 is an electronic schematic drawing of user-button circuitry depicted in FIG. 10.

FIGS. 13A, 13B, 13C and 13D are an electronic schematic drawing of video circuitry depicted in FIG. 10.

FIG. 14 is a block diagram of a system incorporating the computer pointing device shown in FIG. 6.

The use of the same reference symbols in different drawings indicates similar or identical items.

DETAILED DESCRIPTION

The invention is generally directed to improving access to a secured entity through biometrics. In particular, a detector apparatus and method for providing user access to a secured application is disclosed. A user fingerprint is read in combination with one or more features of an authentication article, including a precious gem or stone such as a diamond, which is being employed to authenticate the user fingerprint. Such a combination of features termed as a featureprint may substantially increase security while providing access to a secured application with the use of a fingerprint recognition device such as a fingerprint sensor.

FIG. 1A is a top view of one embodiment of a fingerprint sensor 50 in accordance with one aspect of the invention. The fingerprint sensor 50 may comprise a receiving portion 55 that is configured to accept an authentication article 60. The authentication article 60 may be disposed in proximity to the receiving portion 55 and readable by the fingerprint sensor 50. Upon receipt of the authentication article 60, the fingerprint sensor 50 detects one or more predetermined features of the authentication article 60 while reading at least a portion of a fingerprint of a user's finger in response to the finger positioned adjacent to the fingerprint sensor 50. The fingerprint sensor 50 may further comprise a feature detection sensor 65 that is in operative relation with the fingerprint sensor 50. The feature detection sensor detects the one or more predetermined features, or any combination thereof of the authentication article 60.

FIG. 1B is a top view of one embodiment of a detachable fingerprint sensor 70 according to another aspect of the invention. The detachable fingerprint sensor 70 may comprise a plug-in interface 75 to communicate fingerprint information associated with the fingerprint of a user's finger and feature information associated with the authentication article 60 to an associated system such as a computer system (not shown). It is to be understood that the associated system could be any conventional system having appropriate fingerprint-analyzing means for verifying the at least a portion of a fingerprint of a user's finger. In addition, the associated system could include feature-analyzing means for detecting the one or more predetermined features, or any combination thereof of the authentication article 60.

FIG. 1C is a top view of one embodiment of a portable fingerprint sensor 80 having a memory 90 consistent with yet another aspect of the invention. The portable fingerprint sensor 80 may be detachably coupled to operate with a portable device including a smart card (not shown). As the portable fingerprint sensor 80 is detachable, it may be configured to operate with a variety of portable devices such as a camera, binocular, and telephone. The memory 90 may comprise a verification engine 95 for operably communicating with a computer system (not shown). A communication interface 100 may be employed for operably communicating with the computer system for determining an identity of the user by verifying the fingerprint and undergoing subsequent authentication thereof with the one or more predetermined features, or any combination thereof of the authentication article 60. For example, the portable fingerprint sensor 80 may be removably attached to operate with a computer mouse or a trackball having a suitable interface for operably communicating with a computer system.

In one embodiment, the verification engine 95 may comprise a database 105 and a comparator 110. The database 105 may include a storage A 120A for having user information, a storage B 120B for keeping authorization profile, and a storage C 120C for maintaining audit log. Further, the feature detection sensor 65 could be configured to accept a precious gem including a diamond having the one or more predetermined features including weight, size, and/or shape or form as profile of the exterior surface. For example, the verification engine 95 may employ a weight parameter for the weight, a size parameter for the size, and an exterior surface profile parameter for the shape or form of the diamond as the predetermined features to authenticate the fingerprint. It is to be understood that any known one or more communication protocols may be employed for communicating input fingerprint and feature information to the communication interface 100 over link 125A, for bidirectional internal communication between verification engine 95 and the communication interface 100 over link 125B and/or for bi-directional external communication over link 125C between communication interface 100 and the plug-in interface 75.

Currently, many controlled access systems rely on portable verification articles to provide an additional level of user verification based on something tangible such as a pre-issued physical item to a particular authorized user in conjunction with something non-tangible such as a pre-issued password to same user. Such portable verification articles could be physical devices that individuals may carry. This allows for an inexpensive way of verifying users requiring entering a password and presenting a portable verification article. For example, a smart card being a portable device having a memory and/or a microprocessor is used as a portable verification article. When inserted or positioned near a smart card reader, the card communicates with the reader to transfer data or perform desired functions.

However, a variety of such portable verification articles are currently available in the marketplace including smart cards, but the controlled access systems are always vulnerable to various attacks by hackers as electronic data and information stored on the smart cards can be easily stolen for potential misuse thereof. Thus, while using a portable verification article to provide verification, an authentication process can be employed to provide a relatively more secured access for communication such as over a network.

Accordingly, the portable fingerprint sensor 80 may be coupled to operate with a smart card having a communication interface for operably communicating with a computer system. To this end, the portable fingerprint sensor 80 may employ the verification engine 95 for operably communicating with the computer system in order to determine the identity of the user bearing the smart card by first verifying the fingerprint and then authenticating the verified fingerprint with an authentication article to provide an additional level of security.

The invention also contemplates a fingerprint sensor (or other biometric-type sensor) that is removable. Being a detachable fingerprint sensor (for connection with a smart card or other device), the fingerprint sensor could be portable and can be plugged into numerous other devices. In one embodiment, the detachable fingerprint sensor can be plugged into a smart card. In another embodiment, it could be plugged into a mouse or track ball. In other embodiments, it could be plugged into a camera, binoculars, telephones, or any other device.

FIG. 2 is a block diagram of a system 200 incorporating the detachable fingerprint sensor 70 of FIG. 1B in accordance with a further aspect of the invention. The system 200 may include a portable device 210 having a port 215 to receive the plug-in interface 75 therein as indicated by an arrow 220. The portable device 210 may comprise a memory device such as a memory stick having a ROM generally integrated with a smart card (not shown). The portable device 210 may further comprise a verification engine 95A in operative relation with a computer system 225, the detachable fingerprint sensor 70, and the feature detection sensor 65 for determining an identity of the user. For operably communicating with the computer system 225 over a communication link 230, the portable device 210 may further comprise a communication interface A 100A.

The verification engine 95A may comprise a database 105A having user data 120D, an authorization profile 120E, and an audit log 120F, and a comparator engine 110A for comparing a first signal indicative of the at least portion of the fingerprint with a first authentication signal corresponding to a stored copy of the fingerprint within the database 105A. Likewise, a second signal indicative of the at least one of the one or more predetermined features of an authentication article 60A may be compared with a second authentication signal corresponding to a stored copy of the one or more predetermined features of the authentication article 60A within the database 105A to provide an authorization signal for a secured application (not shown) which is communicatively coupled to the computer system 225. The authorization signal selectively provides an access to the secured application to the user.

The detachable fingerprint sensor 70 may provide the first signal to the verification engine 95A. The first signal may be derived from the portion of the fingerprint. And the feature detection sensor 65 may provide the second signal to the verification engine 95A. The second signal may be derived from at least one of the one or more predetermined features of the authentication article 60A.

For appropriate communication, the computer system 225 may include a communication interface B 100B to communicate with the portable device 210. In addition, to perform desired processing, the computer system 225 may further include a microprocessor 240, a ROM 242, a RAM 244, a keypad 246, a mouse 248, and a display 250. As persons skilled in the art will recognize, any suitable computing system may be deployed without departing from the spirit of the present invention.

In another exemplary embodiment, the computer system 225, being a biometric system, may include a memory to store a biometric server engine having standard biometric functions for implementing one or more biometric algorithms, and a fingerprint recognition device coupled to a biometric database having fingerprint recognition reference data and precious gem feature reference data. The fingerprint recognition device may include a sensor chip and a biometric interface.

For authentication, the sensor chip and biometric interface may verify fingerprints and physical attributes of a pre-issued precious gem to authenticate a fingerprint of an authorized user to provide an access to a secure application or a secured system. For example, along with recognizing fingerprints, the number of exterior surfaces of the pre-issued precious gem may be detected for providing the access to the authorized user of the secure application. However, the physical attributes of the pre-issued precious gem may be desired to be read or sensed either to authenticate the user when providing access to the secure application the very first time or while adding/deleting access rights to a new/old user, respectively. Physical attributes of the pre-issued precious gem could include, but are not limited to, size, weight, and number of exterior surfaces.

In operation, the authentication may be performed by using an authorization algorithm with the biometric server engine. The fingerprint recognition reference data and gem geometric reference data are accessed from the database and compared with the fingerprint read, along with one or more features detected from the pre-issued precious gem, from the fingerprint recognition device. For example, a predetermined physical attribute of a diamond can be read for authenticating a user the first time to provide an access to the secured application to the user. Once the user is authenticated, any subsequent access may be provided to the user by simply reading the fingerprint. As an example, after a grant of an initial access to the secure application or system, the user could keep the diamond in a secure place. A variety of applications are contemplated for the present invention, including with smart or magnetic cards. This invention incorporates the fingerprint sensor described above along with verification software that tracks the transactions attempted and entered into by the user. Accordingly, a detachable fingerprint sensor along with an audit trail may be readily devised.

The (detachable or permanent) fingerprint sensor may be equipped with a receiving slot or portion that is configured to accept a precious gem, such as a diamond. In operation, a user could plug in the fingerprint sensor into a device. The user would then position a precious gem such as a diamond into the center (or other area) of the fingerprint sensor. The user could then place his/her finger over the fingerprint sensor, including the diamond. The verification software within a smart card interfacing with a computer system could then read the “fingerprint” of the diamond, the human fingerprint, or some combination of the two. The presence of the diamond increases the level of security because one would need to steal both a user's fingerprint and the actual precious gem in order to gain illegal access to the device.

Other implementations may include a fingerprint sensor/chip installed on a smart card for use with a pre-issued diamond (or any precious gem/stone). The fingerprint sensor/chip having an audit trail could also be readily devised. Such embodiments consistent with the present invention may provide adequate user verification and subsequent authentication to improve the level of security for information accessed by individuals over a communication medium such as a network. The authentication techniques described herein may allow a system user to customize their level of authentication based on the type of authentication article used and the available software on the workstation and server. For example, the workstation and server may provide increased levels of verification and subsequent authentication using encryption techniques.

FIG. 3 is a flow diagram of a process that can be implemented by a computer program, representing an exemplary embodiment of the invention. In step 300A, fingerprint information for authorized users including a first user may be received. The fingerprint information can be readily stored in the database 105A in step 305A. A first dotted arrow 310A from step 305A to 300A indicates that such stored fingerprint information may be periodically revised, if desired. Likewise, feature information for authorization articles 60A including a first precious gem may be received in step 300B. This feature information can be readily stored in the database 105A in step 305B. Again, a second dotted arrow 310B from step 305B to 300B indicates that such stored feature information may be selectively updated or manipulated, if desired.

At step 315, the fingerprint information may be associated with the feature information for each authorized user. Each authorized user may be issued the authentication article 60A, such as a first precious gem being provided to the first user, in step 320. In step 330, for verification purposes, reading of a fingerprint of a user through the detachable fingerprint sensor 70 may be performed. Similarly, at step 340, by utilizing the detachable fingerprint sensor 70, one or more features of the authentication article 60A may be detected for authenticating the fingerprint. To identify the user as the first user, the verification engine 95A may utilize the one or more features of the precious gem and the fingerprint in step 350.

A comparison test may be performed in step 355 by verification engine 95A. The comparison test determines whether the fingerprint obtained in step 330 matches the stored corresponding fingerprint information. If so, to authenticate the fingerprint, a further check is performed as to whether the correctly matched stored fingerprint information was associated earlier in step 315 with the feature information obtained from the one or more detected features of the precious gem in step 340. If this comparison test is affirmative, the verification may proceed to step 360. Accordingly, in step 360, an access to a secured application may be provided to the first user. Conversely, if no match is detected, step 350 may be repeated. If no conclusive match is found, the verification may terminate, waiting for a next cycle of the process to begin.

FIGS. 4A, 4B, and 4C show a flow chart of exemplary steps embodying a verification process consistent with one aspect of the present invention. With reference to FIGS. 3 and 4A, for step 330, the detachable fingerprint sensor 70 having the receiving portion 55 may be plugged into a smart card in step 372. In step 374, a user may position a finger proximal to the receiving portion 55 for reading of at least a portion of the fingerprint. Referring to FIGS. 3 and 4B, for step 340, detecting one or more features includes positioning the authentication article 60A such as the precious gem into the receiving portion 55 in step 382 and reading a precious gem fingerprint of the precious gem to derive at least one or more features of the precious gem in step 384. With reference to FIGS. 3 and 4C, for step 350, the verification engine 95A analyzes at least a portion of the fingerprint to derive a first indication for verifying an identity of the user in step 392. Next, in step 394, the one or more features of the authentication article 60A may be analyzed to derive a second indication for authenticating the fingerprint. Then at step 396, the first and second indications may be combined to derive an authorization for the user by authenticating the fingerprint of the user with the authentication article 60A.
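The comparison test of step 355 and the two indications of steps 392 to 396, sketched as an added Python example (not code from the patent). The class and field names, the set-overlap fingerprint score, the tolerances and the sample readings are all assumptions constructed for illustration; a real matcher uses far richer templates.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Featureprint:
    """Gem features named in the text: weight, size, exterior surfaces."""
    weight_mg: float
    size_mm: float
    surfaces: int


@dataclass(frozen=True)
class UserRecord:
    user_id: str
    minutiae: frozenset   # simplified template: set of (x, y, angle) tuples
    gem: Featureprint     # article associated with this user (step 315)


class VerificationEngine:
    """Hypothetical stand-in for verification engine 95A with its audit log."""

    def __init__(self, fp_threshold=0.75, weight_tol_mg=0.5, size_tol_mm=0.05):
        self.fp_threshold = fp_threshold    # assumed minimum overlap score
        self.weight_tol_mg = weight_tol_mg  # assumed sensor tolerance
        self.size_tol_mm = size_tol_mm      # assumed sensor tolerance
        self.users = {}
        self.audit_log = []

    def enroll(self, user_id, minutiae, gem):
        # Steps 300A-315: store both references and associate them.
        self.users[user_id] = UserRecord(user_id, frozenset(minutiae), gem)

    def _first_indication(self, probe):
        # Step 392: best-matching stored fingerprint, or None below threshold.
        probe = frozenset(probe)
        best, best_score = None, 0.0
        for rec in self.users.values():
            union = probe | rec.minutiae
            score = len(probe & rec.minutiae) / len(union) if union else 0.0
            if score > best_score:
                best, best_score = rec, score
        return best if best_score >= self.fp_threshold else None

    def _second_indication(self, rec, gem):
        # Step 394: compare only against the gem associated with the matched
        # user, never against "any enrolled gem".
        ref = rec.gem
        return (gem is not None
                and abs(gem.weight_mg - ref.weight_mg) <= self.weight_tol_mg
                and abs(gem.size_mm - ref.size_mm) <= self.size_tol_mm
                and gem.surfaces == ref.surfaces)

    def verify(self, probe_minutiae, probe_gem):
        # Steps 355/396: both indications must hold. The caller sees the same
        # denial either way; only the audit log records which check failed.
        rec = self._first_indication(probe_minutiae)
        if rec is None:
            outcome, who = "fingerprint_mismatch", None
        elif not self._second_indication(rec, probe_gem):
            outcome, who = "article_mismatch", rec.user_id
        else:
            outcome, who = "granted", rec.user_id
        self.audit_log.append({"user": who, "outcome": outcome})
        return who if outcome == "granted" else None


def demo():
    """Run three constructed access attempts; return results and audit log."""
    engine = VerificationEngine()
    alice_fp = {(10, 12, 3), (40, 8, 1), (22, 31, 7), (5, 44, 2), (33, 19, 5)}
    bob_fp = {(11, 50, 4), (29, 29, 0), (47, 3, 6), (8, 8, 1), (36, 41, 2)}
    alice_gem = Featureprint(200.0, 6.50, 58)
    bob_gem = Featureprint(150.0, 5.80, 58)
    engine.enroll("alice", alice_fp, alice_gem)
    engine.enroll("bob", bob_fp, bob_gem)

    noisy = alice_fp - {(5, 44, 2)}  # partial read: one minutia missing
    results = [
        engine.verify(noisy, Featureprint(200.3, 6.52, 58)),  # both factors
        engine.verify(noisy, bob_gem),         # right finger, wrong gem
        engine.verify({(1, 1, 1)}, alice_gem),  # right gem, unknown finger
    ]
    return results, engine.audit_log


if __name__ == "__main__":
    print(demo())
```

Binding the second check to the matched user's own record is what makes the gem a second factor; accepting any enrolled gem would let one issued article vouch for every fingerprint in the database.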

FIG. 5 shows exemplary hardware/software components in a system 400. The system 400 generally incorporates an array of fingerprint sensors 70A through 70C shown in FIG. 1B to provide controllable access to a secured application executed from an information processor 405 using Internet 410 in accordance with one aspect of the invention. An individual may use a first computer, such as an IBM compatible computer 415A, 415B, or 415C, to access over a computer network, such as the Internet 410, the secured application from the information processor 405 that preferably services multiple first authorized users. Those skilled in the art will appreciate that other computer networks can be readily substituted for the Internet 410.

The information processor 405 may include a network server 420, such as a Sun Solaris UltraSparc Server, executing communications software, such as Apache HTTPD Server from The Apache Group, www.apache.org, to communicate over computer network including Internet 410. Also at the information processor 405 may be an applications server 425 having the one or more secured applications, preferably operating behind a firewall, in data communications with network server 420 and having a memory 430 that contains software used in the present invention. Such software may include a server engine 440, for generating and processing access requests, and a user engine 445, an audit log engine 450, an authorization engine 455, a verification engine 460, a comparator engine 465 in data communications with applications server 425 executing the one or more secured applications. The software operating on the applications server 425 and network server 420 communicate with each other and with necessary databases using standard protocols, such as HTTP, CGI or Apache API. Skilled persons will understand that additional or different servers may be suitably deployed.

The authorized users could be part of a single enterprise and connected to the processor over a local area network, a wide area network, or an Intranet. Alternatively, the information processor 405 could service many unrelated first individuals, each having appropriate access to the one or more secured applications. The access may be determined from the content of user database 475, an authorization profile database 480 and/or an audit log database 485 being accessible through information processor 405. Typically, many users could be continually generating access requests and posting them over a computer network such as Internet 410.

To provide access, verification engine 460 compares the content of an access request, having the fingerprint and feature information, sent to the information processor 405 with the contents of the user database 475, the authorization profile database 480 and/or the audit log database 485. If the access request content does not match with the content in the databases 475, 480, and/or 485, the system 400 may acknowledge receipt of the access request with no data returned.

Conversely, if the access request meets predefined criteria, an access authorization to the one or more secured applications may be accordingly returned to the requesting user. Although the method of determining the recipient of the access authorization may be pre-specified, the actual recipient of the access authorization may depend upon the content of a user-provided fingerprint and feature information, and may not, therefore, be known before the content of the user-provided fingerprint and feature information is analyzed.

The form and content of an access authorization to a user in response to an access request may be determined, in accordance with any suitable notification specification. The user may be notified electronically such as by an electronic message. The access authorization may include sending a copy of an entire secured application that matched the criteria. The access authorization may include sending data and/or information that is determined by, or includes content from the secured application that meets the criteria.

One skilled in the art will appreciate that system 400 may include any number of computers or workstations, servers, and other network components. Computers 415A, 415B, and 415C are capable of sending data to and receiving data from Internet 410. Each computer 415A, 415B, and 415C includes a processor, memory, and input/output devices to facilitate user interfacing. Each computer 415A, 415B, and 415C also includes software for implementing the fingerprint and feature verification/authentication techniques described herein. Moreover, each computer 415A, 415B, and 415C includes a communication device such as a modem or other communications devices to transfer data over Internet 410. The computers 415A, 415B, and 415C may have any configuration consistent with the present invention. Internet 410 may provide a communication medium that routes information between computers 415A, 415B, and 415C connected thereto. Nevertheless, the fingerprint sensors 70A through 70C generally integrated with associated computers 415A, 415B, and 415C employing the fingerprint and feature verification/authentication techniques consistent with the present invention may be used on other wide area networks (WANs) as well as local area networks (LANs), network protocols including Transmission Control Protocol/Internet Protocol (TCP/IP), and other communication media.

The embodiments described next are examples of how the present invention can be implemented and employed. Variations will be obvious to persons of ordinary skill in the art given the disclosure of the invention herein. The scope of the invention is not limited by the specific examples included herein.

Trackball Embodiments

FIG. 6, FIG. 7, and FIG. 8 illustrate a top view, a side view, and a rear view, respectively, of a trackball embodiment of the present invention. Referring specifically to FIG. 6, a computer trackball pointing device 510 includes a base 512 which is substantially circular in shape and has a generally circular perimeter 514. It is preferably approximately 6 inches in diameter, weighs approximately 2 pounds, and is constructed generally of heavy duty plastic, although other dimensions are plausible. A chamfered surface 525 is formed between the top surface of base 512 and the perimeter surface 514. A trackball 516 is mounted off-center on the base 512 within a housing 528 formed on the base at a location intersecting the generally-circular perimeter surface 514. An upper section 518 is connected to the base 512 and includes, for this embodiment, three user-depressable buttons 522A, 522B and 522C formed substantially on a top surface 524 of the upper section 518. An interface 520 connects between the computer trackball pointing device 510 and an attached computer system, or other electronic system.

A fingerprint sensor 529A or other suitable biometric sensor is mounted, for this embodiment, within the center button 522B within the upper section 518, which is a location such that when operating the trackball pointing device 510 in a normal manner, a user's hand rests naturally in a position to place the second finger of the user's hand (i.e., the “middle” finger) in proximity to and readable by the fingerprint sensor located below user depressable button 522B. The arrangement is well suited for all users regardless of hand size. The trackball pointing device 510 is adaptable for both right-handed and left-handed users because the upper section 518 is rotatably connected to the base 512 so that the trackball is positionable to either a position leftward or a position rightward of the upper section. The axis of this rotation is indicated at location 527 and provides for a symmetrical positioning of trackball 516 on either the left side or the right side of upper section 518.

The fingerprint sensor 529A may comprise a receiving portion 529B that is configured to accept an authentication article (not shown). Preferably, the fingerprint sensor 529A is mounted within the upper section 518 for detecting one or more predetermined features of the authentication article and for reading at least a portion of a fingerprint of a user's finger in response to the finger positioned adjacent to the fingerprint sensor 529A and the authentication article disposed in proximity to the receiving portion 529B and readable by the fingerprint sensor 529B.

The pointing device 510 may further include a feature detection sensor (not shown) in operative relation with the fingerprint sensor. The feature detection sensor detects the one or more predetermined features, or any combination thereof, of the authentication article. In other words, the feature detection sensor reads a featureprint of the authentication article including a precious gem such as a diamond. In one embodiment, the featureprint may include a weight parameter for the weight, a size parameter for the size, and an exterior surface profile parameter for the shape or form of the diamond as the predetermined features to authenticate the fingerprint.

The pointing device 510 may further include a verification engine in operative relation with the computer system, the fingerprint sensor 529A, and the feature detection sensor for determining an identity of the user. The fingerprint sensor 529A may provide a first signal to the verification engine, which is derived from the portion of the fingerprint. Likewise, the feature detection sensor may provide a second signal to the verification engine, which is derived from at least one of the one or more predetermined features of the authentication article.

The verification engine may comprise a database having a user storage, an authorization profile storage, and an audit log storage. The verification engine may further comprise a comparator engine for comparing the first signal indicative of the at least portion of the fingerprint with a first authentication signal corresponding to a stored copy of the fingerprint within the database. The comparator engine may compare the second signal indicative of the at least one of the one or more predetermined features of the authentication article with a second authentication signal corresponding to a stored copy of the one or more predetermined features of the authentication article within the database to provide an authorization signal for a secured application which is communicatively coupled to the computer system. The authorization signal may selectively provide an access to the secured application to the user.

In one embodiment, the fingerprint sensor 529A is located beneath a particular one of the button positions. And the fingerprint sensor 529A includes a capacitive imaging array located at the particular button position contactable by the user's finger so that the user's fingerprint may be imaged by the capacitive imaging array. Alternatively, the fingerprint sensor 529A can be incorporated into an operable button located at the particular button position. The fingerprint sensor 529A may include an optical imaging array and the particular button position includes a transparent material through which the user's fingerprint may be imaged by the imaging array. The pointing device 510 may further comprise one or more additional biometric sensors in operative relation with the fingerprint sensor 529A.

Referring now to FIG. 7, the bottom surface 530 of the base 512 is substantially flat and may include cushioning pads (not shown) such as low-profile self-adhesive rubber feet, or some other non-scratching surface treatment. The top surface 524 of the upper section 518 is shown, for this embodiment, as a substantially uniformly curved, convex surface which provides a comfortable surface for a user's palm and lower finger regions to rest comfortably upon the computer trackball pointing device 510. Referring specifically to the rear view shown in FIG. 8, the interface 520 is shown as a cabled interface passing through the rear surface of the upper section 518. The flat bottom surface 530 of base 512, particularly when implemented with a reasonably large diameter, allows the computer trackball pointing device 510 to easily be placed on a user's lap, or on a soft surface such as a bed, rather than requiring a hard surface such as a desktop.

To rotate the position of the trackball 516 from one side to the other, the computer trackball pointing device 510 is elevated from the surface upon which it rests, the upper section 518 is maintained in a direction pointing away from the user (the interface 520 pointing away from the user) and the base 512 is rotated upon axis 527 sufficiently to cause the trackball 516 within housing 528 to be moved from, for example, the left side of the upper section 518 (as is indicated in FIG. 6) to the right side of upper section 518.

Details of the rotating connection which provides this capability as well as other internal details of the trackball pointing device 510 are shown in cross-section in FIG. 9. Center column 554 is formed as part of the upper section 518 and provides the axis point for the base 512 to rotate with respect to the upper section. Screw 542 (and optionally a washer, not shown) fasten the upper section 518 to the base 512, as well as provide the axis of rotation for the base 512. Interface 520 is now more clearly illustrated as being connected to the upper section 518 so that when used by either right-handed or left-handed users, and when the three buttons are positioned away from the user (i.e., in a rearward direction), the interface is held and pointed in the same direction even as the base is rotated either leftward or rightward of the upper section. Lower circuit board 540 is shown providing a suitable carrier for necessary electronics to implement the functionality required of the computer trackball pointing device 510. For example, integrated circuit 552 is shown attached to a lower printed wiring board 540 (PWB), and an upper PWB-41 is shown electrically interconnected by interface cable 550 to the lower PWB-40. The upper PWB-41 includes a depressable switch 548 and a fingerprint sensor 544A. In this embodiment, user depressable switch 522B is formed of a transparent material through which the fingerprint sensor (which may be an optical CCD sensor) may view the fingerprint of a user whose finger rests upon the surface of transparent button 522B. When depressed by a user, the button 522B causes switch 548 to be depressed by linkage 546. This allows the center button 522B to be an operable button, able to sense when a user depresses the button and to communicate such information to an attached electronic system. But the computer trackball pointing device 510 also provides, by way of the fingerprint sensor 544A viewing the fingerprint of the user through the transparent material forming button 522B, and at the same time, a scan of the user's fingerprint. This affords the capability of identifying or authorizing the particular user. When connected to an attached electronic system, this trackball pointing device 510 provides for the ability to read the fingerprint of a user, even as the user is using that very finger to make input selections to the attached electronic system.

The fingerprint sensor 544A may comprise a receiving portion 545 that is configured to accept an authentication article (not shown). Preferably, the fingerprint sensor 544A is mounted below the upper section 518 for detecting one or more predetermined features of the authentication article and for reading at least a portion of a fingerprint of a user's finger in response to the finger positioned adjacent to the fingerprint sensor 544A and the authentication article disposed in proximity to the receiving portion 545 and readable by the fingerprint sensor 544A.

The pointing device 510 may further include a feature detection sensor 544B in operative relation with the fingerprint sensor. The feature detection sensor 544B detects the one or more predetermined features, or any combination thereof, of the authentication article. In other words, the feature detection sensor 544B reads a featureprint of the authentication article including a precious gem such as a diamond. In one embodiment, the featureprint may include a weight parameter for the weight, a size parameter for the size, and an exterior surface profile parameter for the shape or form of the diamond as the predetermined features to authenticate the fingerprint.

Those skilled in the art will appreciate that the feature detection sensor 544B can be readily devised to read the featureprint of the authentication article. For example, the feature detection sensor 544B may include a combination of known detectors such as a weight detector for measuring the weight of the authentication article, and an optical detector for sensing the shape, size or form of the authentication article.

It should also be appreciated when looking at the computer input trackball device depicted in FIGS. 6 through 9 that when the upper section 518 is rotated such that the trackball 516 is located leftward of the upper section 518, a right-handed user's hand when operating the device in a normal manner rests naturally in a position to place the second finger of the user's right hand in proximity to and readable by the fingerprint sensor 544A and the user's right thumb in a position to comfortably move the trackball 516. Moreover, when the upper section 518 is rotated such that trackball 516 is located rightward of the upper section 518, a left-handed user's hand when operating the device in a normal manner rests naturally in a position to place the second finger of the user's left hand in proximity to and readable by the fingerprint sensor 544A and the user's left thumb in a position to comfortably move the trackball 516.

Generally speaking, the fingerprint sensor 544A conveys information associated with the user's identity to the computer system attached by way of interface 520. This information may include a signal indicating whether the user is authorized to access the computer system. For example, a storage means such as an electronic memory may be included within the trackball pointing device 510 for storing information associated with the identity of at least one authorized user which is received from the attached computer system. Thereafter the fingerprint sensor 544A utilizing such storage, within the trackball pointing device 510, of authorized users may independently make a determination that a particular user attempting to use the device is an authorized user upon comparison of actual measured fingerprint with stored information from the authorized list. In other instances the information associated with the user's identity may include a signal indicating the attributes of the user's fingerprint so that the attached computer or other electronic system may determine whether the user is authorized to access the computer system. Examples of such attributes of the user's fingerprint include a digitized scanned image of the user's fingerprint, compressed representations of the user's fingerprint in digital or other form including a digital representation of the minutia of the user's fingerprint.

Other embodiments of similar input devices incorporating a biometric sensor may include a variety of different button positions in which the fingerprint sensor or other biometric sensor is located below a particular one of the button positions. FIG. 6 shows a pointing device 510 having three button positions, each of which is depicted to illustrate an operable button (e.g., buttons 522A, 522B, and 522C) at each of the button positions, but a particular button position may have either an inoperable button at such a location or no button whatsoever at the location. Moreover, the fingerprint sensor 544A or other biometric sensor may be located below a button position, whether operable or not, or at a location not beneath a button position. In another embodiment a three-button mouse includes a fingerprint sensor 544A disposed beneath an operable or inoperable center button position as is similarly depicted within the upper section 518 of the computer trackball pointing device 510 shown in FIG. 6.

While the base of the computer trackball pointing device 510 is shown in FIG. 6 as being rotatably connected to the upper section 518, other variations are equally plausible. For instance, a fixed connection could be easily implemented as a single-piece construction and could be configured for a right-handed or a left-handed user rather than as a single device which provides equal suitability to either a right-handed or a left-handed user. Likewise, similar moveable connections rather than a rotational connection are also contemplated which would allow a trackball device to be positioned in at least one of two locations such that suitable use for both right-handed and left-handed users may be achieved. The interface 520 which is depicted in FIG. 6 as being a wired interface may also be implemented as a wireless interface and could include an infrared, a radio frequency or any variety of other wireless techniques. The interface may instead include a wireless interface having a transducer located at a rear surface of the upper section 518. Fingerprint sensor 544A may be implemented as an optical imaging array as depicted in FIG. 9 in which the user's fingerprint is imaged through a transparent material forming button 522B. Such optical imaging arrays are commercially available, including from Suni Imaging Systems, Mountain View, Calif., and from Keytronics, Washington, D.C. Alternatively such a fingerprint sensor 544A may also be implemented as a capacitive imaging array, such as the FingerLoc™ series of sensors, available from the Harris Corporation, Melbourne, Fla.

FIG. 10 is an electrical block diagram of one embodiment of an electronic sub-system 550 which may be implemented within the computer trackball pointing device 10 shown in FIG. 6. The sub-system 550 includes an interface 551 which communicates to an attached computer system or other electronic system, a controller 555 for general control functions and for implementing traditional computer “mouse” functions, a button block 552 which includes traditional computer mouse user-depressable buttons, a pointer 553 which, in this case, includes circuits for implementing a computer trackball pointing device, and CCD camera 554 which provides a capability of visually scanning a user's fingerprint.

The interface 551 includes a group 560 of wires which provides communication to and from an attached system. These wires are preferably implemented using an unshielded twisted pair (UTP) cable having three twisted pairs of wires for connecting, using suitable connectors, to an attached computer or other electronic system. The group 560 of wires includes power terminal RAW12 and ground terminal GROUND for receiving power and ground from the attached system, differential video signal lines VIDEO+ and VIDEO− for conveying a differential video signal to the attached system, and serial data lines DATA and DATA_RET for respectively conveying serial data to and from the attached system. In other embodiments, a wireless interface, such as an infrared or RF interface, may also be used. On-board batteries may be used to power the pointing device in lieu of power cables.

The button block 552 includes three user-depressable buttons (not shown) and conveys a signal for each button (BUTTON1, BUTTON2, and BUTTON3) in a group 557 of wires to the controller 555. Other numbers of buttons are also possible, including one or two. The pointer 553 includes the trackball position sensor and communicates positional information using signals X_CLK, X_DIR, Y_CLK, and Y_DIR to the controller 555 via the group 556 of wires. The pointer 553 may also include a computer mouse position sensor. Power is also received from the interface 551 via a wire within the group 556 of wires.

The controller 555 receives power from the interface 551 via one of the wires 556, and also sends and receives serial data to/from the interface 551 via wires 559 and 558, respectively. Controller 555 provides for a point-and-click selection capability and data transfer capability to an attached system, to provide the traditional capabilities associated with a computer mouse or trackball.

Biometric sensor 554, such as a CCD camera, receives power from the interface 551 and conveys (for this example) a video signal to the interface 551 via wire 560. In other embodiments, other types of biometric sensors may be used, such as a capacitive fingerprint sensor rather than an optical sensor. One such sensor is the FingerLoc™ series of capacitive imaging array sensors, available from the Harris Corporation, Melbourne, Fla. Additional control and data signals (not shown) between the interface 551, the controller 555, and the biometric sensor 554 are to be expected in other embodiments.

Referring now to FIG. 11, one embodiment of the interface 551 includes a voltage regulator 570 for generating a +5 volt power supply from an incoming +12 volt supply, along with various related filtering capacitors and a ferrite bead. Twin video amplifiers 571, 572 produce a differential video signal from a single-ended signal received from the biometric sensor 554. Video amplifier 571 is configured as a unity gain amplifier with a 75 ohm output impedance, and video amplifier 572 is configured as a negative unity gain amplifier, also with a 75 ohm output impedance. Serial data buffers 573, 574 provide simple buffering to an already serial signal received from the controller 555 (e.g., HDATA_OUT) or received from the attached system (e.g., HDATA_IN).

FIG. 12 depicts one embodiment of the button block 552. A respective pull-up resistor to a +5 power supply voltage is momentarily connected to ground by a respective user-depressable switch, which generates the respective button signal.

FIG. 13 illustrates one embodiment of a biometric sensor 554 incorporating a CCD camera system which may be implemented within a pointing device, such as within the computer trackball pointing device 510 shown in FIG. 6.

System Embodiments

FIG. 14 illustrates a system 600 which includes a user interface terminal 602 connected via a connection 610 to a computer verification engine 612. User interface terminal 602 includes a biometric input device 603 (e.g., a computer trackball pointing device 510), a keyboard 606, a display 604, and an interface controller 608. The computer verification engine 612 includes an interface controller 614, a processor 616, and memory 618. The processor 616 generates an access control signal 620 when user identification and/or authorization has been confirmed and access to a particular system or feature (not shown) is warranted. Such an access-controlled system may reside within the computer verification engine 612, or may be external to the computer verification engine 612, and may include access to physical equipment or electronically stored or transmitted information.

Memory 618 includes known user storage 626 for storing the identification information, such as a fingerprint “signature,” of users already known to the system 612. Memory 618 also includes authorization profile storage 622 for storing authorization information (e.g., permissible dates/times/functions/transactions/machines) for each user already known to the system 612. Memory 618 also includes an audit log storage 624 for storing successful and unsuccessful system accesses, as well as transaction information for users who successfully gain access to the system. The authorization profile storage 622, audit log storage 624, and known user storage 626 may be implemented together as one or more digital memory devices, or may be implemented using separate memory technologies, such as writable CD-ROM, magnetic disk, optical disk, flash memory, and other well known technologies. Advantageously, one or more of the authorization profile storage 622, the audit log storage 624, and the known user storage 626 may store encoded information, and may be implemented as an electronic memory device connected to the system 612, such as a removable PC card memory device. This affords, for example, an authorized user to carry his profile in a removable device and allows gaining access to any system to which the removable device is connected.

A user initializes the verification engine by first using the biometric input device 603, such as the computer trackball pointing device 510, to sense the biometric information (in this example, a fingerprint), to digitize it, optionally compress it or otherwise extract a “signature” representative of that user's fingerprint, and store the information, along with other user identifying information, into the known user storage 626. The stored “signature” is then used to identify and/or verify subsequent attempted accesses of the system 600.

Additionally, information is stored into authorization profile storage 622, preferably by one who controls access to the system, such as a system administrator, a hotel cashier, or others, to specify which user may perform which transactions at what times and dates, etc. Thereafter, when a user attempts to access the system, his or her fingerprint is read by device 603, and compared with the known user storage 626 and the authorization profile storage 622 to determine whether to allow the particular user to perform the function requested. If so, the processor 616 then drives the access control signal 620 and logs the particular transaction, time, date, and identification information for the user. The identification of the user is verified continuously as long as the user is in contact with the biometric input device 603 (for this example, the computer trackball pointing device 510). Each time the user inputs a system request, the verification process must be completed and maintained prior to continuing the use of the device being accessed. Verification times of several seconds are achievable with available processors and algorithms. If the use of the accessed device is discontinued, the verification process must be completed once prior to gaining access to the desired device, and use must be maintained for continued access.

If, at any time, a biometric reading is taken which does not match any user having a profile stored in the known user storage 626, access is denied and an audit log may be stored within the audit log storage 624 to provide a record of unsuccessful access attempts. Such an audit log entry may include time, date, attempted transaction, and a copy of the user identification information determined by the biometric device, such as a scanned fingerprint image, a fingerprint minutia representation, or others. Alternatively, if the user identifying information from the biometric device is matched with a user found in the known user storage 626, but the authorization profile storage 622 indicates that the particular user has requested something for which he or she is not authorized, then access is also denied and an audit log entry is also created in the audit log storage 624. This entry may include time, date, attempted transaction, and an indication of the user's identity, such as a name, a photographic image, or others.

Such an audit log affords a significant capability to detect internal fraud and other unauthorized use by persons known to the system, and indeed authorized to perform some tasks, but not authorized for the task or function at the attempted time or date. For example, assume the system 600 is configured to provide access control to a cash register machine. Assume Sally and Mary are both registered employees known to the system and each has an entry in the known user storage 626. Further assume that Mary is continuously and properly verified during her shift as being authorized to engage in the type of transactions normally performed at her cash register. But if, during one of Mary's short work breaks, Sally tries to access the cash register during a time she is unauthorized, the system logs her unsuccessful attempt along with her name, picture, fingerprint, or some other identifying information. If Sally is unknown to the system altogether (i.e., no entry in the known user storage 626), then the audit log created may include, as well, as much identifying information, such as a fingerprint image, as possible to help law enforcement officials or others in identifying the person responsible for the unsuccessful access.
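The access decision and audit logging described above for system 600, written out as an added Python example that is not part of the patent text. The class and field names, the byte-string "signatures", the shift times and the exact-match comparison are assumptions made for illustration; a real matcher scores similarity between fingerprint templates rather than testing equality.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, time


@dataclass
class Profile:
    """One record in authorization profile storage 622 (fields are assumed)."""
    transactions: frozenset
    start: time
    end: time

    def permits(self, transaction, when):
        return (transaction in self.transactions
                and self.start <= when.time() < self.end)


class VerificationEngine:
    def __init__(self):
        self.known_users = {}  # known user storage 626: name -> signature
        self.profiles = {}     # authorization profile storage 622
        self.audit_log = []    # audit log storage 624

    def enroll(self, name, signature, profile):
        self.known_users[name] = signature
        self.profiles[name] = profile

    def _identify(self, reading):
        # Stand-in matcher (assumption): exact, constant-time comparison
        # against every enrolled signature.
        found = None
        for name, enrolled in self.known_users.items():
            if hmac.compare_digest(enrolled, reading):
                found = name
        return found

    def request(self, reading, transaction, when):
        """Decide one request from a fresh reading; True drives signal 620."""
        entry = {"when": when.isoformat(), "transaction": transaction}
        name = self._identify(reading)
        if name is None:
            # Unknown person: keep the captured biometric for investigators.
            entry.update(outcome="denied_unknown", captured=reading)
        elif not self.profiles[name].permits(transaction, when):
            # Known user, wrong time or task: log who it was.
            entry.update(outcome="denied_unauthorized", user=name)
        else:
            entry.update(outcome="granted", user=name)
        self.audit_log.append(entry)
        return entry["outcome"] == "granted"


def demo():
    """Constructed cash-register scenario with Mary and Sally."""
    engine = VerificationEngine()
    sale = frozenset({"sale"})
    engine.enroll("Mary", b"sig-mary", Profile(sale, time(9), time(17)))
    engine.enroll("Sally", b"sig-sally", Profile(sale, time(17), time(23)))

    def at(hour, minute):
        return datetime(2024, 1, 15, hour, minute)

    results = [
        engine.request(b"sig-mary", "sale", at(12, 0)),      # on shift
        engine.request(b"sig-sally", "sale", at(12, 5)),     # off shift
        engine.request(b"sig-stranger", "sale", at(12, 6)),  # not enrolled
        engine.request(b"sig-mary", "refund", at(12, 10)),   # not permitted
    ]
    return results, engine.audit_log


if __name__ == "__main__":
    outcomes, log = demo()
    for granted, record in zip(outcomes, log):
        print(granted, record)
```

Because the unknown-user entries hold captured biometric data, the audit log storage needs the same protection as the known user storage.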

The computer trackball pointing device 510 may generate a scanned image of a user's fingerprint, which is communicated to a host system for verification processing. Alternatively, the verification capability may reside within the computer trackball pointing device 510 along with authorized user keys to allow the pointing device to determine whether a user is authorized, without significant data transfers between the computer trackball pointing device 510 and the attached system. For example, the FingerLoc™ series of devices, available from the Harris Corporation of Melbourne, Fla., includes a down-loadable local memory for storing fingerprint profiles for up to 100 users, and includes a processor for independently determining whether an observed fingerprint matches one stored within the local memory, without intervention from an attached host processor. In such an embodiment, the computer trackball pointing device 510 may therefore include biometric identification software, as well.

Combined Identification/Substance Detection Embodiments

In some embodiments of a pointing device employing an optical scanning capability, such as a color CCD imager, it may be possible to determine the blood alcohol content of the user simultaneously with scanning the fingerprint to determine the identification of the user. Such a combined identification/sobriety sensor would only allow access to an authorized person if he/she was sober. This could have tremendously beneficial applications in security access to military bases, power plants, industrial machinery areas, employer liability concerns, and others. A sensitive patch material is commercially available which, when in contact with a person's skin, changes color in response to chemical variations in the user's perspiration, and which is correlated to the person's blood alcohol content. A small patch of such material, if placed over the transparent window, allows a user's finger to be partially visible (and the patch could be sized small enough to preserve enough fingerprint information) for identifying a person, and yet still be large enough to sense perspiration variations, and change color appropriately enough to determine the blood alcohol content of the user. Such an arrangement would make the combined identification/sobriety sensor difficult for two people to fool. If the “authorized” person was drunk, and another person, a “thief,” was sober, the system would still be hard to defeat. Such a system may be hard enough to defeat to permit unattended sobriety/identification terminals, for remote access control, which ensures a sober user, not just an authorized user. Materials, which may be used to detect other substances than alcohol, such as cocaine or other narcotics, may also be available and incorporated advantageously as described above.

Ten Finger Identification With Single Sensor

A pointing device such as a computer trackball pointing device 510 as shown in FIG. 6, or any other device which has only one fingerprint sensor, may be used with up to all ten fingers to decrease the statistical chance of authentication error. For example, a user during the initialization sequence may be requested to place each of his/her fingers on the single fingerprint sensor so the system may learn each of the user's ten fingerprints. Then, periodically or at random, frequent intervals, the user may be requested by the system to place a certain finger on the sensor before the system proceeds. Also, such a system may request all ten fingers be presented sequentially to the sensor after a predetermined period of inactivity. The system may also demand all ten fingers be sequentially placed upon the fingerprint sensor before granting initial access, or after a predetermined period of user inactivity.

Foot-Print Embodiment

Embodiments of the present invention may include adaptations which allow a foot-operated pointing device which identifies a user by matching foot prints. A position sensor may be implemented in a much larger size to be easily operable with one or both feet, while large user-depressable buttons may be engaged with one or more toes, during which time one or more sensors scans portions of the user's foot or feet.

Other Embodiments

It should be appreciated that a mouse position sensor may be used instead of a trackball position sensor by using the teachings of this disclosure.

A fingerprint sensor may also be placed below a transparent trackball to allow reading a user fingerprint through the trackball. Distortions caused by the curvature of the trackball may be accounted for by software transformations of scanned fingerprint image data, or by merely “teaching” the fingerprint of an authorized user by using the same distorted optics.

While the invention has been described with respect to the embodiments set forth above, the invention is not necessarily limited to these embodiments. For example, while recited using a typical context of use with a computer system, a computer pointing device may be attached to a wide variety of other electronic systems which are essentially computer systems or computer-controlled systems, such as set-top boxes for television, security systems, and others. Moreover, a pointing device as described herein is particularly well suited for use with a system along with other biometric sensors, such as a biometric retinal scanner which may be used for identification/authentication and/or substance detection, as well as with a removable PC card memory storage to store biometric information for the authorized user. Accordingly, other embodiments, variations, and improvements not described herein are not necessarily excluded from the scope of the invention, which is defined by the following claims.

Although the present invention and its advantages have been described in detail, it should be understood that various changes, substitutions and alterations can be made to the embodiments herein without departing from the spirit and scope of the invention as defined by the appended claims. Moreover, the scope of the present application is not intended to be limited to the particular embodiments of the process, machine, manufacture, composition of matter, means, methods and steps described in the specification. As one of ordinary skill in the art will readily appreciate from the disclosure of the present invention, processes, machines, manufacture, compositions of matter, means, methods, or steps, presently existing or later to be developed that perform substantially the same function or achieve substantially the same result as the corresponding embodiments described herein may be utilized according to the present invention. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or steps.

1. A detector apparatus, comprising: a fingerprint sensor having a receiving portion that is configured to accept an authentication article, the fingerprint sensor detecting one or more predetermined features of said authentication article and reading at least a portion of a fingerprint of a user.
 2. The apparatus of claim 1, further comprising a feature detection sensor, in operative relation with the fingerprint sensor, that detects one or more than one of the predetermined features.
 3. The apparatus of claim 1, wherein the fingerprint sensor is detachably coupled to a portable device comprising: an interface for operably communicating with a computer system; and a verification engine for operably communicating with the computer system for determining the identity of the user.
 4. The apparatus of claim 2, further comprising an interface for operably communicating with a computer system.
 5. The apparatus of claim 4, further comprising a verification engine in operative relation with the computer system, the fingerprint sensor, and the feature detection sensor for determining an identity of the user, wherein the fingerprint sensor provides: a first signal to the verification engine, the first signal being derived from the portion of the fingerprint, and the feature detection sensor provides: a second signal to the verification engine, the second signal being derived from at least one of the one or more predetermined features of the authentication article.
 6. The apparatus of claim 5, wherein the verification engine comprises: a database having a user storage, an authorization profile storage, and an audit log storage; and a comparator engine for comparing: the first signal indicative of the at least portion of the fingerprint with a first authentication signal corresponding to a stored copy of the fingerprint within the database, and the second signal indicative of the at least one of the one or more predetermined features of the authentication article with a second authentication signal corresponding to a stored copy of the one or more predetermined features of the authentication article within the database to provide an authorization signal for a secured application which is communicatively coupled to the computer system.
 7. The apparatus of claim 6, wherein the authorization signal selectively provides access to the secured application to the user.
 8. The apparatus of claim 3, wherein the verification engine comprises: a database having a user storage, an authorization profile storage and an audit log storage.
 9. The apparatus of claim 3, wherein the portable device comprises a smart card.
 10. The apparatus of claim 1, wherein the fingerprint sensor is removably attached to a computer mouse having an interface for operably communicating with a computer system.
 11. The apparatus of claim 1, wherein the fingerprint sensor is removably attached to a trackball having an interface for operably communicating with a computer system.
 12. The apparatus of claim 1, wherein the fingerprint sensor is detachably coupled to a camera.
 13. (canceled)
 14. The apparatus of claim 1, wherein the fingerprint sensor is detachably coupled to a telephone.
 15. The apparatus of claim 1, wherein the authentication code comprises a precious gem.
 16. The apparatus of claim 15, wherein the precious gem comprises a diamond and the one or more predetermined features are selected from a group consisting of: a weight of said diamond; a size of said diamond; and an exterior surface profile of said diamond.
 17. The apparatus of claim 16, wherein the fingerprint sensor is coupled to a smart card having an interface for operably communicating with a computer system.
 18. The apparatus of claim 17, wherein the fingerprint sensor is coupled to a verification engine for operatively communicating with the computer system for determining an identity of the user bearing the smart card.
 19. The apparatus of claim 18, wherein the verification engine comprises: a database having a user storage, an authorization profile storage, and an audit log storage.
 20-34. (canceled)
 35. A detector apparatus, comprising: a fingerprint sensor disposed at a location such that when operating said apparatus in a normal manner, a user's finger of a user's hand rests in proximity to and readable by said fingerprint sensor for reading a user's fingerprint; and a feature detection sensor in operative relation with the fingerprint sensor and having a housing that is configured to receive an authentication article, the feature detection sensor being configured to detect one or more predetermined features of said authentication article, wherein the detector apparatus identifies the user according to the fingerprint and at least one of the one or more predetermined features from the authentication article.
 36. A method for providing user access to a secured application, comprising: reading the fingerprint of a user with a fingerprint sensor; detecting one or more features of an authentication article with the fingerprint sensor; analyzing at least a portion of the fingerprint to derive a first indication for verifying an identity of the user; analyzing at least one of the one or more features of the authentication article to derive a second indication for authenticating the fingerprint; and combining the first and second indications for selectively providing access to the second application of the user.
 37. A method, comprising: reading a fingerprint of a user; detecting one or more features of a precious gem; analyzing the fingerprint to derive a first indication; analyzing the one or more features of the precious gem to derive a second indication; and combining the first and second indications for verifying an identity of a user.
 38. The method of claim 37, wherein the reading the fingerprint includes: plugging in a fingerprint sensor having a first surface into a smart card; and positioning a finger proximal to the first surface of said fingerprint sensor.
 39. The method of claim 38, wherein the detecting one or more features includes: positioning the precious gem into a slot located proximal to the first surface of the fingerprint sensor; and reading a featureprint of the precious gem to derive the one or more features of the precious gem.